{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,21]],"date-time":"2026-05-21T01:15:01Z","timestamp":1779326101542,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":35,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,11,15]],"date-time":"2023-11-15T00:00:00Z","timestamp":1700006400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,11,15]]},"DOI":"10.1145\/3576915.3616597","type":"proceedings-article","created":{"date-parts":[[2023,11,21]],"date-time":"2023-11-21T12:35:13Z","timestamp":1700570113000},"page":"3228-3238","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["Faster Constant-time Evaluation of the Kronecker Symbol with Application to Elliptic Curve Hashing"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2457-0783","authenticated-orcid":false,"given":"Diego F.","family":"Aranha","sequence":"first","affiliation":[{"name":"Aarhus University, Aarhus, Denmark"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9390-3441","authenticated-orcid":false,"given":"Benjamin Salling","family":"Hvass","sequence":"additional","affiliation":[{"name":"Aarhus University, Aarhus, Denmark"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2802-0973","authenticated-orcid":false,"given":"Bas","family":"Spitters","sequence":"additional","affiliation":[{"name":"Aarhus University, Aarhus, Denmark"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2736-2963","authenticated-orcid":false,"given":"Mehdi","family":"Tibouchi","sequence":"additional","affiliation":[{"name":"NTT Corporation, Tokyo, Japan"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2023,11,21]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2013.145"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2020.i3.428-453"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2019.i4.213-242"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-016-0135-4"},{"key":"e_1_3_2_1_5_1","volume-title":"Pairing (Lecture Notes in Computer Science","volume":"195","author":"Aranha Diego F.","year":"2012","unstructured":"Diego F. Aranha, Laura Fuentes-Casta\u00f1eda, Edward Knapp, Alfred Menezes, and Francisco Rodr\u00edguez-Henr\u00edquez. 2012. Implementing Pairings at the 192-Bit Security Level. In Pairing (Lecture Notes in Computer Science, Vol. 7708). Springer, 177--195."},{"key":"e_1_3_2_1_6_1","unstructured":"D. F. Aranha C. P. L. Gouv\u00eaa T. Markmann R. S. Wahby and K. Liao. [n. d.]. RELIC is an Efficient LIbrary for Cryptography. https:\/\/github.com\/relic-toolkit\/ relic."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2021.i4.351-387"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00145-018-9280-5"},{"key":"e_1_3_2_1_9_1","volume-title":"SCN (LNCS","volume":"267","author":"Barreto Paulo S. L. M.","year":"2002","unstructured":"Paulo S. L. M. Barreto, Ben Lynn, and Michael Scott. 2002. Constructing Elliptic Curves with Prescribed Embedding Degrees. In SCN (LNCS, Vol. 2576). Springer, 257--267."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"crossref","unstructured":"Daniel J. Bernstein Mike Hamburg Anna Krasnova and Tanja Lange. 2013. Elli-gator: elliptic-curve points indistinguishable from uniform random strings. In CCS. ACM 967--980.","DOI":"10.1145\/2508859.2516734"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2019.i3.340-398"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00145-004-0314-9"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-014-0084--8"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-14623-7_13"},{"key":"e_1_3_2_1_15_1","volume-title":"CSIDH: An Efficient Post-Quantum Commutative Group Action. In ASI-ACRYPT (3) (Lecture Notes in Computer Science","author":"Castryck Wouter","year":"2018","unstructured":"Wouter Castryck, Tanja Lange, Chloe Martindale, Lorenz Panny, and Joost Renes. 2018. CSIDH: An Efficient Post-Quantum Commutative Group Action. In ASI-ACRYPT (3) (Lecture Notes in Computer Science, Vol. 11274). Springer, 395--427."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-021-00271-w"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"crossref","unstructured":"Jorge Ch\u00e1vez-Saab Francisco Rodr\u00edguez-Henr\u00edquez and Mehdi Tibouchi. 2022. SwiftEC: Shallue-van de Woestijne Indifferentiable Function To Elliptic Curves. IACR Cryptol. ePrint Arch. (2022) 759. https:\/\/eprint.iacr.org\/2022\/759","DOI":"10.1007\/978-3-031-22963-3_3"},{"key":"e_1_3_2_1_18_1","volume-title":"Without Compromises. In S&P","author":"Erbsen Andres","unstructured":"Andres Erbsen, Jade Philipoom, Jason Gross, Robert Sloan, and Adam Chlipala. 2019. Simple High-Level Code for Cryptographic Arithmetic - With Proofs, Without Compromises. In S&P. IEEE, 1202--1219."},{"key":"e_1_3_2_1_19_1","unstructured":"Armando Faz-Hernandez Sam Scott Nick Sullivan Riad S. Wahby and Christopher A Wood. 2021. Hashing to elliptic curves. https:\/\/datatracker.ietf.org\/doc\/ draft-irtf-cfrg-hash-to-curve\/."},{"key":"e_1_3_2_1_20_1","volume-title":"GNU MP: The GNU Multiple Precision Arithmetic Library. https:\/\/gmplib.org\/.","author":"Granlund Torbj\u00f6rn","year":"2020","unstructured":"Torbj\u00f6rn Granlund and the GMP development team. 2020. GNU MP: The GNU Multiple Precision Arithmetic Library. https:\/\/gmplib.org\/."},{"key":"e_1_3_2_1_21_1","unstructured":"Mike Hamburg. 2021. Computing the Jacobi symbol using Bernstein-Yang. Cryptology ePrint Archive Paper 2021\/1271. https:\/\/eprint.iacr.org\/2021\/1271 https:\/\/eprint.iacr.org\/2021\/1271."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF57540.2023.00008"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1504\/IJACT.2020.107167"},{"key":"e_1_3_2_1_24_1","unstructured":"Michael B. McLoughlin. 2021. addchain: Cryptographic Addition Chain Generation in Go. https:\/\/github.com\/mmcloughlin\/addchain."},{"key":"e_1_3_2_1_25_1","volume-title":"Mycrypt (LNCS","volume":"108","author":"Menezes Alfred","year":"2016","unstructured":"Alfred Menezes, Palash Sarkar, and Shashank Singh. 2016. Challenges with Assessing the Impact of NFS Advances on the Security of Pairing-Based Cryptography. In Mycrypt (LNCS, Vol. 10311). Springer, 83--108."},{"key":"e_1_3_2_1_26_1","volume-title":"Efficient computation of the Jacobi symbol. CoRR abs\/1907.07795","author":"M\u00f6ller Niels","year":"2019","unstructured":"Niels M\u00f6ller. 2019. Efficient computation of the Jacobi symbol. CoRR abs\/1907.07795 (2019). arXiv:1907.07795 http:\/\/arxiv.org\/abs\/1907.07795"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.3934\/amc.2020113"},{"key":"e_1_3_2_1_28_1","unstructured":"Thomas Pornin. 2020. Faster Modular Inversion and Legendre Symbol and an X25519 Speed Record. https:\/\/research.nccgroup.com\/2020\/09\/28\/faster-modular-inversion-and-legendre-symbol-and-an-x25519-speed-record\/."},{"key":"e_1_3_2_1_29_1","unstructured":"Thomas Pornin. 2020. Optimized Binary GCD for Modular Inversion. Cryptology ePrint Archive Paper 2020\/972. https:\/\/eprint.iacr.org\/2020\/972 https: \/\/eprint.iacr.org\/2020\/972."},{"key":"e_1_3_2_1_30_1","volume-title":"is my code constant time?","author":"Reparaz Oscar","unstructured":"Oscar Reparaz, Josep Balasch, and Ingrid Verbauwhede. 2017. Dude, is my code constant time?. In DATE. IEEE, 1697--1702."},{"key":"e_1_3_2_1_31_1","volume-title":"A course in number theory","author":"Rose Harvey E","unstructured":"Harvey E Rose. 1995. A course in number theory. Oxford University Press."},{"key":"e_1_3_2_1_32_1","unstructured":"Supranational. [n. d.]. The blst multilingual BLS12--381 signature library. https:\/\/github.com\/supranational\/blst."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00031"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2019.i4.154-179"},{"key":"e_1_3_2_1_35_1","unstructured":"Peter Wuille Gregory Maxwell and Russell O'Connor. 2021. Bounds on divsteps iterations in safegcd. https:\/\/github.com\/sipa\/safegcd-bounds."}],"event":{"name":"CCS '23: ACM SIGSAC Conference on Computer and Communications Security","location":"Copenhagen Denmark","acronym":"CCS '23","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3576915.3616597","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3576915.3616597","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,21]],"date-time":"2025-08-21T01:59:00Z","timestamp":1755741540000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3576915.3616597"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,15]]},"references-count":35,"alternative-id":["10.1145\/3576915.3616597","10.1145\/3576915"],"URL":"https:\/\/doi.org\/10.1145\/3576915.3616597","relation":{},"subject":[],"published":{"date-parts":[[2023,11,15]]},"assertion":[{"value":"2023-11-21","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}